Background. Types of Predicate Encryptions. Cloud Storage. Server. (1) {Encrypted Data}. Secret Key. Owner. (2) Token. (3) Results of Search. (1) {Encrypted ...
Enabled/Disabled Predicate Encryption in Clouds Shi-Yuan Huang, Chun-I Fan∗ , and Yi-Fan Tseng Applied Cryptology Laboratory Department of Computer Science and Engineering National Sun Yat-sen University
Future Generation Computer Systems, 2016
1 / 53
Outline
Background Controllable Predicate Encryption Schemes Application I: Secure Webmail Service with Search Privacy Protection Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Conclusion
2 / 53
Definition
Predicate Encryption Predicate encryption is a cryptographic primitive that provides fine-grained control over access to encrypted data. It is often used for encrypted data search in a cloud storage environment.
3 / 53
Background
Data Keyword
Matched Data
Know Everything
No Encryption
Cipheretxts
Keyword
Cannot Search in Ciphertext Space
Using Typical Encryption
Cipheretxts
Search Token Using Predicate Encryption
Matched Ciphertext
Know Nothing
4 / 53
Background How to Search?
Cipheretxts
Search Token Matched Ciphertext
Using Predicate Encryption
Know Nothing
Attributes {0,1} or
embed Ciphertexts
Matched Ciphertext
Search Token
Search Procedure
embed {0,1} or
Attributes
5 / 53
Background Types of Predicate Encryptions
(1) {Encrypted Data}
(2) Token
Secret Key Owner
∈ Condition c
(3) Results of Search ∈ Condition c Cloud Storage Server
Symmetric Setting (2) Token ∈ Condition c (1) {Encrypted Data}
Sender
(3) Results of Search ∈ Condition c Cloud Storage Server
Private Key Owner
Asymmetric Setting
6 / 53
Background Relation of Functional Encryptions
with attribute-hiding
IPE: FE
Attributes
Cover
IBE
PE
ሺܼ ሻ݊
ABE
ሺܼ ሻ݊
If attribute = ID Can be constructed by
HVE: HVE
Attributes {0,1}* {0,1}* (Efficiency)
(Generalization)
IPE
Hierarchical architecture
HIPE (often using dual pairing vector spaces) Notations: FE: Functional Encryption IBE: ID-Based Encryption PE: Predicate Encryption ABE: Attribute-Based Encryption HVE: Hidden Vector Encryption IPE: Inner Product Encryption HIPE: Hierarchical IPE
7 / 53
Background Hidden Vector Encryption (HVE)
Attributes {0,1}
=
embed Ciphertexts
Matched Ciphertext
Search Token
Search Procedure
embed {0,1}
Attributes
Hidden Vector Encryption (HVE)
Attributes {0,1}
embed Ciphertexts
Inner Product = 0
Matched
8 / 53
Search Token Background Inner Product Encryption (IPE )
Search Procedure
embed {0,1}
Hidden Vector Encryption (HVE)
Attributes Attributes ሺܼ ሻ݊
embed
Inner Product = 0
Ciphertexts
Matched Ciphertext
Search Token
Search Procedure
embed ሺܼ ሻ݊
Attributes
Inner Product Encryption (IPE )
9 / 53
Contributions
Controllable Predicate Encryption for Inner Product Predicates Apply it to Ciphertexts
Search Result
Secure Webmail Service with Search Privacy Protection
System Implementation Sender
Receiver (Private Key Owner)
Public Cloud
Properties: Timed-Release Services Data Self-Destruction Supporting Long Message Encryption Undecryptable Search Applications: Encrypted Web-Mail Search Sender/Receiver Applications Apply it to Ciphertexts Search Token
Public Cloud
Secret Key Owner Search (Manager) Result
Delegated Person (Staff)
Business Data Storage System Supporting Privacy Enhanced Search in Cloud
System Implementation
Properties for Symmetric Setting: Revocable Delegated Search Undecryptable Delegated Search Applications: Delegation-Based Business Applications
10 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates
Proposed Scheme It is the first work that can provide timed-release services and data self-destruction property T1 Receiver R Timed-release Agent TRA
T2 Unreadable
T3 Readable Timed-release Token
Time Unreadable Cannot Retrieve
Distributed Hash Table (DHT)
T1: The sender sets the readable time T2 and the unreadable time T3 for a file. Initially, the file is unreadable for R after it is sent at time T1. T2: TRA publishes the timed-release token at time T2; R can read the file after T2. T3: The file becomes unreadable again after T3.
11 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates
Extended Scheme The extended scheme provides not only timed-release services and data self-destruction but also long message encryption and undecryptable search The length of encrypted messages does not depend on the order of the group The cloud server can obtain only the matched ciphertexts after the search
Encryption
Ciphertext
M GT, Ppub, PK, Attribute x, T
Encryption
Ciphertext
M {0, 1}*, Ppub, PK, Attribute x, T
Cloud Server
Decryption Plaintext
Cloud Server
Test Matched Ciphertext Decryption Plaintext
Private Key Owner
12 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Overview of Controllable Predicate Encryption Scheme
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
SK, Attribute y
Token Gen.
PK
Search Token Time Release Token
...
Senders
SK
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
13 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Overview of Controllable Predicate Encryption Scheme – Timed-Release Services
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
SK
SK, Attribute y
Token Gen.
PK
Search Token Time Release Token
...
Senders
Timed-Release Services
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
14 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Overview of Controllable Predicate Encryption Scheme – Data Self-Destruction
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
Search Token Time Release Token
...
Data Self-Destruction
SK, Attribute y
Token Gen.
PK
Senders
SK
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
15 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Overview of Controllable Predicate Encryption Scheme – Data Self-Destruction
Distributed Hash Table (DHT) A DHT is a distributed, peer-to-peer (P2P) storage network consisting of multiple participating nodes. Numerous DHTs exist on the Internet, including Vuze, Mainline, and KAD. Vanishing Data Object (VDO) availability in the Vuze-based Vanish system This figure shows that for VDOs with N = 50 (shares) and threshold of 90 percent, the probability of premature destruction and prolonged availability both become vanishingly small (< 10−3 ).
16 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Generate Timed Release Token
The agent generates a timed-release token TRTokenT = gTw , where gT = H1 (T ) The agent will publish TRTokenT at time T Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
SK, Attribute y
Token Gen.
PK
Search Token Time Release Token
...
Senders
SK
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
17 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Encryption
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
SK, Attribute y
Search Token Time Release Token
...
Data Self-Destruction
SK
Token Gen.
PK
Senders
Timed-Release Services
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
18 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Encryption
Input: A message M ∈ GT , an attribute vector x 0 = (x10 , x20 , ..., xn0 ) ∈ (Zp )n , PK , Ppub , and T (or gT ). Output: Vanishing data object VDO. 1
Randomly select si in Zp for 1 ≤ i ≤ 4.
2
Randomly choose two random keys K and K 0 ∈ GT , where K ⊕ K 0 = K¯ .
3
Compute the ciphertext: CT = Encryption(PK , x 0 , M, gT , Ppub ) as follows: g1s2 , g3s1 , {C1,i , C2,i }ni=1 , {C3,i , C4,i }ni=1 , H (K ,M)
Ω = F −s2 · K · e(Ppub · g1 2 , gT H3 (K ,M) )−1 , Θ = M ⊕ H4 (K¯ ), H (K ,M) H (K ,M) Q1 = g1 3 , Q2 = gT 2 , where x 0 s3
s1 s2 , C2,i = X2,i · Y2,i · ∆2i
xi0 s4
s1 s2 , C4,i = V2,i · W2,i · Λ2i
s1 s2 C1,i = X1,i · Y1,i · ∆1i s1 s2 C3,i = V1,i · W1,i · Λ1
x 0 s3 x 0 s4
, .
19 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Encryption 4 5
6 7 8
Randomly choose random numbers (α0 , α1 , ..., αt−1 , β0 , β1 , ..., βt−1 ) in Zp , where t is a threshold value. Generate two polynomials as follows: Poly1 (γ) = αt−1 γ t−1 + ... + α1 γ + Θ mod p Poly2 (γ) = βt−1 γ t−1 + ... + β1 γ + K 0 mod p and compute n˜ pairs of shares for [Poly1 (γ), Poly2 (γ)]. Use a cryptographically secure pseudorandom number generator with key K to generate n˜ indices (I1 , I2 , ..., In˜). Sprinkle n˜ pairs of shares at these locations (I1 , I2 , ..., In˜) throughout the DHT. The vanishing data object VDO consists of (g1s2 , g3s1 , {C1,i , C2,i }ni=1 , {C3,i , C4,i }ni=1 , Ω, Q1 , Q2 , t, n˜). VDO will be sent to the cloud server.
Cloud
VDO
K
Locator
…
……
…
Shares of
Sender θ K’
Distributed Hash Table (DHT) in P2P Network
pairs 20 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Token Generation
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
SK, Attribute y
Token Gen.
PK
Search Token Time Release Token
...
Senders
SK
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
21 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Token Generation
Input: SK and a vector y 0 = (y10 , y20 , ..., yn0 ) ∈ (Zp )n . Output: A search token Ky 0 relative to y 0 . 1
Randomly choose a1 , a2 , {bi }ni=1 , {ci }ni=1 in Zp .
2
Compute the search token as follows: {K1,i , K2,i , K3,i , K4,i }ni=1 , Qn −y −y −w −w KA = g4 · i=1 K1,i 1,i · K2,i 2,i · K3,i 1,i · K4,i 2,i , Qn −(bi +ci ) , KB = i=1 g2 where −δ2 ·bi
K1,i = g2
δ ·bi
K2,i = g2 1 K3,i = K4,i = 3
a ·yi0 ·x2,i
g2 1
−a1 ·yi0 ·x1,i
g2
, ,
0 −λ ·c a ·y ·v g2 2 i g2 2 i 2,i , 0 λ ·c −a ·y ·v g2 1 i g2 2 i 1,i .
The private key owner sends the search token to the cloud server.
22 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Decryption
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Timed-Release Services
Key Generation
SK, Attribute y Inner Product = 0 or != 0
Token Gen.
PK
Search Token Time Release Token
...
Senders
SK
Encryption
Decryption Cloud Server
Ciphertext
M, PK, Attribute x, T
Obtain M /⊥
Partial Key and Partial Ciphertext
Data Self-Destruction
Distributed Hash Table (DHT) in P2P Network
Partial Key and Partial Ciphertext
23 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Decryption
Input: (VDO, Ky 0 , TRTokenT , Ppub ). Output: M or ⊥. 1 The agent publishes TRTokenT in a bulletin board at time T . 2 Download TRTokenT and verify e(Ppub , H1 (T )) = e(g1 , TRTokenT ). 3
Receive a search token Ky from the private key owner, and then compute Kˆ = Dec(VDO, Ky , TRTokenT ) = Ω · e(Q1 , TRTokenT )· e(Q1 , Q2 )· s2 s1 e(g Qn 1 , KA ) · e(g3 , KB )· i=1 e(C1,i , K1,i ) · e(C2,i , K2,i ) · e(C3,i , K3,i ) · e(C4,i , K4,i ).
24 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Proposed Scheme – Decryption 4
Before the time of data self-destruction, the cloud server can take Kˆ to derive the locations of the shares of K 0 and Θ, and retrieve them.
5 6
Reconstruct two polynomials Poly1 (γ), Poly2 (γ) and get Θ, K 0 . Compute K¯ = Kˆ ⊕ K 0 .
7
ˆ = H4 (K¯ ) ⊕ Θ. Compute M
8
Check Q1 = g1 3
9
ˆ otherwise ⊥. If true, output M = M,
?
ˆ H (Kˆ ,M)
ˆ H (Kˆ ,M)
?
and Q2 = gT 2
Cloud
VDO
…
…
Locator
θ K’
M
Receiver
…
…
Distributed Hash Table (DHT) in P2P Network
.
K
25 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates – Extended Scheme
Extended Scheme The extended scheme provides not only timed-release services and data self-destruction but also long message encryption and undecryptable search The length of encrypted messages does not depend on the order of the group The cloud server can obtain only the matched ciphertexts after the search
Encryption
Ciphertext
M GT, Ppub, PK, Attribute x, T
Encryption
Ciphertext
M {0, 1}*, Ppub, PK, Attribute x, T
Cloud Server
Decryption Plaintext
Cloud Server
Test Matched Ciphertext Decryption Plaintext
Private Key Owner
26 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates – Extended Scheme Overview of Extended Scheme
Agent (Timed Release Service) Agent.Setup Agent.GenKey
Private Key Owner Obtain M /⊥ (Receiver) Publish Time Release Token at time T
Agent.GenToken
Publish PK Bulletin Board
Key Generation
SK
SK, Attribute y
Token Gen.
PK
Search Token Time Release Token
...
Senders
Decryption
Encryption
Matched Ciphertext Test
Ciphertext
Cloud Server
M, PK, Attribute x, T Partial Key and Partial Ciphertext
Partial Key and Partial Ciphertext Distributed Hash Table (DHT) in P2P Network
27 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Properties Comparisons
[4]
[23]
[24]
[25]
[29]
[30]
[31]
[32]
[34]
[39]
[40]
Ours
Timed‐Release Services
Y
Data Self‐Destruction
Y
Prime Order
Y
Y
Y
Y
Y
Y
Y
Inner Product Predicates
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
No Illegal Access
Y
Y
Y
Y
Y
Y
Revocable Delegated Search
Y
Flexibility (Asymmetric Setting)
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
§ We can add the following properties in all schemes. “Supporting Long Message Encryption”, “Undecryptable Search”, “Undecryptable Delegated Search”
28 / 53
Controllable Predicate Encryption Schemes for Inner Product Predicates Secuirty
Semantic Security Attribute Hiding Timed-Release Property Key Confidentiality
29 / 53
Application I: Secure Webmail Service with Search Privacy Protection
Controllable Predicate Encryption for Inner Product Predicates Apply it to Ciphertexts
Search Result
Secure Webmail Service with Search Privacy Protection
System Implementation Sender
Receiver (Private Key Owner)
Public Cloud
Properties: Timed-Release Services Data Self-Destruction Supporting Long Message Encryption Undecryptable Search Applications: Encrypted Web-Mail Search Sender/Receiver Applications Apply it to Ciphertexts Search Token
Public Cloud
Secret Key Owner Search (Manager) Result
Delegated Person (Staff)
Business Data Storage System Supporting Privacy Enhanced Search in Cloud
System Implementation
Properties for Symmetric Setting: Revocable Delegated Search Undecryptable Delegated Search Applications: Delegation-Based Business Applications
30 / 53
Application I: Secure Webmail Service with Search Privacy Protection Login
This is a web mail system that supports privacy preserving search on encrypted mails.
31 / 53
Application I: Secure Webmail Service with Search Privacy Protection Overview of Implementation
Agent (Timed Release Service) Decryption of Mails
Agent.Setup Agent.GenKey Agent.GenToken
Private Key Owner Obtain M /⊥ (Receiver) Publish Time Release Token at time T Publish PK
Bulletin Board
Key Generation
SK
SK, Attribute y
Token Gen.
PK
Search Token Time Release Token
...
Senders
Decryption
Encryption
Matched Ciphertext Test
Ciphertext
Cloud Server
M, PK, Attribute x, T
Compose Mail and Set Attributes
Results of Search
32 / 53
Application I: Secure Webmail Service with Search Privacy Protection Compose Mail and Set Attributes
33 / 53
Application I: Secure Webmail Service with Search Privacy Protection Results of Search
34 / 53
Application I: Secure Webmail Service with Search Privacy Protection Decryption of Mails
35 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud
Controllable Predicate Encryption for Inner Product Predicates Apply it to Ciphertexts
Search Result
Secure Webmail Service with Search Privacy Protection
System Implementation Sender
Receiver (Private Key Owner)
Public Cloud
Properties: Timed-Release Services Data Self-Destruction Supporting Long Message Encryption Undecryptable Search Applications: Encrypted Web-Mail Search Sender/Receiver Applications Apply it to Ciphertexts Search Token
Public Cloud
Secret Key Owner Search (Manager) Result
Delegated Person (Staff)
Business Data Storage System Supporting Privacy Enhanced Search in Cloud
System Implementation
Properties for Symmetric Setting: Revocable Delegated Search Undecryptable Delegated Search Applications: Delegation-Based Business Applications
36 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Properties
We propose a variant of symmetric predicate encryption, which provides controllable privacy preserving search functionalities Revocable delegated search The owner of a cloud storage can easily control the lifetimes of search tokens
Undecryptable delegated search A delegated person cannot decrypt the returned matched ciphertexts even though he has the delegated privilege of search
37 / 53
How to Construct a Symmetric Predicate Encryption from a Asymmetric one (Supporting Revocable Delegated Search and Undecryptable Delegated Search)
Private Key Owner Obtain M /⊥ (Receiver)
Asymmetric Setting
Decryption Publish PK Bulletin Board
Key Generation
SK
SK, Attribute y Ciphertext
Token Gen.
PK
Search Token Test
...
Senders
Encryption
Cloud Server
Ciphertext
M, PK, Attribute x, T
Symmetric Setting
Secret Key Owner Obtain M /⊥ M, SK, Attribute x, T
Key Generation
Decryption SK
SK, Attribute y
Token Gen.
Ciphertext
Search Token Test Encryption
Ciphertext
Cloud Server 38 / 53
How to Construct a Symmetric Predicate Encryption from a Asymmetric one (Supporting Revocable Delegated Search and Undecryptable Delegated Search)
Secret Key Owner (Manager) Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
39 / 53
How to Construct a Symmetric Predicate Encryption from a Asymmetric one (Supporting Revocable Delegated Search and Undecryptable Delegated Search)
Undecryptable Delegated Search Secret Key Owner (Manager) Key Generation Token Generation
Revocable Delegated Search
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Decryption Token
Test (Search) Commitment of Search Token
{M}
40 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Login
41 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Implementation Model
It is implemented in the CHT hicloud system. Secret Key Owner (Manager)
Private Cloud Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Public Cloud Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
42 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Private Cloud – Encryption, Token Generation
Secret Key Owner (Manager)
Private Cloud Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Public Cloud Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
43 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Private Cloud – Encryption, Token Generation
Secret Key Owner (Manager)
Private Cloud Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Public Cloud Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
44 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Private Cloud – Encryption, Token Generation
Set Attributes of Ciphertext
45 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Private Cloud – Encryption, Token Generation
Set Attributes of Token
46 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Public Cloud – Search, Decryption
Secret Key Owner (Manager)
Private Cloud Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Public Cloud Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
47 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Public Cloud – Search, Decryption
Secret Key Owner (Manager)
Private Cloud Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Public Cloud Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
48 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Public Cloud – Search, Decryption
49 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Private Cloud – Revocation of Search Token
Secret Key Owner (Manager)
Private Cloud Key Generation Token Generation
SK SK, Vector y Search Token & Decryption Token
M, SK, Vector x Encryption Ciphertext CT
Delegated Person (Staff)
Public Cloud Cloud Server
Search Token & Decryption Token Query (Generate Query by Using Search Token) Matched Ciphertexts
Decryption
Test (Search)
Decryption Token {M}
50 / 53
Application II: Business Data Storage System Supporting Privacy Enhanced Search in Cloud Private Cloud – Revocation of Search Token
51 / 53
Conclusion
We proposed controllable predicate encryption schemes These are the first works that can provide: Timed-Release Services Data Self-Destruction Long Message Encryption Undecryptable Search Revocable Delegated Search Undecryptable Delegated Search
Applications Secure Webmail Service with Search Privacy Protection Business Data Storage System Supporting Privacy Enhanced Search in Cloud
In future works, we hope to develop controllable predicate encryption schemes supporting privacy homomorphic operations on ciphertexts
52 / 53
53 / 53
